CVE-2023-26031
Severity
7.5 HIGH
EPSS
8.4%
top 7.69%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published: Nov 16
Latest update: Jan 15
Description
Relative library resolution in the Linux container-executor binary in Apache Hadoop 3.3.1-3.3.4 on Linux allows a local user to gain root privileges. If the YARN cluster is accepting work from remote (authenticated) users, this MAY permit remote users to gain root privileges.
Hadoop 3.3.0 updated the "YARN Secure Containers" feature (https://hadoop.apache.org/docs/stable/hadoop-yarn/hadoop-yarn-site/SecureContainer.html) to add a feature for executing user-submitted applications in isolated Linux containers.…
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.6 | Impact: 5.9
Affected Packages: 3 packages
Vulnerability Details: 3
Vendor Advisories: 4
Oracle: Oracle Financial Services Applications Risk Matrix: Reports (Apache Hadoop) — CVE-2023-26031 (2025-01-15)
Oracle: Oracle Financial Services Applications Risk Matrix: Installer (Apache Hadoop) — CVE-2023-26031 (2024-07-15)
Red Hat: hadoop-yarn-server-nodemanager: Untrusted search path may lead to privilege escalation via container-executor suid binary (2023-11-16)